Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Issue

Description

Resolution

All unauthenticated endpoints

Cross-origin resource sharing (CORS) protections as been disabled on all unauthenticated endpoints.

Access-Control-Allow-Origin: *

14 August 2023

Register APIs use different field type definitions

The Register APIs define their own field types that are not consistent with the Common Field Types defined in the data standards. As part of porting the Register standards across to the primary data standards, the field types need to be re-aligned to use the common field type definitions. For example, string (data-time) should be changed to DataTime and integer(int32) should be changed to PositiveInteger.

Resolved in CDS v1.22

Incorrect endpoint addresses in Consumer Data Standards

The address of the Get OpenId Provider Config endpoint should be:

/idp/.well-known/openid-configuration

e.g. https://api.cdr.gov.au/idp/.well-known/openid-configuration

The address of the Get JWKS endpoint should be:

/cdr-register/v1/jwks

e.g. https://api.cdr.gov.au/cdr-register/v1/jwks

Resolved in CDS v1.25